Improvements on the digest testcase: - multipart digest update now really breaks down the data into junks of DIGEST_UPDATE_JUNK_SIZE (currently 32 bytes) size. - new testcase single part digest with variable data size which allocs -datasize <nr_of_bytes> and runs all the defined digest tests with this. If no datasize parameter is given, defaults to BIG_REQUEST (4k) data size. - new testcase multiple parts digest with variable data size which allocs -datasize <nr_of_bytes> and runs all the defined digest tests with this. If no datasize parameter is given, defaults to BIG_REQUEST (4k) data size.
Signed-off-by: Harald Freudenberger <[email protected]> --- testcases/crypto/digest.h | 2 + testcases/crypto/digest_func.c | 262 +++++++++++++++++++++++++++++++++++++--- 2 files changed, 248 insertions(+), 16 deletions(-) diff --git a/testcases/crypto/digest.h b/testcases/crypto/digest.h index dff3e12..c425804 100644 --- a/testcases/crypto/digest.h +++ b/testcases/crypto/digest.h @@ -1,8 +1,10 @@ #include "pkcs11types.h" #define MAX_KEY_SIZE 150 +#define MIN_DATA_SIZE 64 #define MAX_DATA_SIZE 512 #define MAX_HASH_SIZE 64 +#define DIGEST_UPDATE_JUNK_SIZE 32 CK_ULONG four = 4; CK_ULONG ten = 10; diff --git a/testcases/crypto/digest_func.c b/testcases/crypto/digest_func.c index 156c238..bb16eab 100644 --- a/testcases/crypto/digest_func.c +++ b/testcases/crypto/digest_func.c @@ -46,6 +46,10 @@ CK_RV do_Digest(struct digest_test_suite_info *tsuite) /** iterate over test vectors **/ for(i = 0; i < tsuite->tvcount; i++){ + /** begin test **/ + testcase_begin("Starting %s Digest with test vector %d.", + tsuite->name, i); + rc = CKR_OK; // set rc /** clear buffers **/ @@ -82,8 +86,9 @@ CK_RV do_Digest(struct digest_test_suite_info *tsuite) testcase_new_assertion(); if (actual_len != expected_len) { - testcase_fail("hashed data length does not match test vector's" " hashed data length.\nexpected length=%ld, found " - "length=%ld.", expected_len, actual_len); + testcase_fail("hashed data length does not match test vector's" + " hashed data length.\nexpected length=%ld, found " + "length=%ld.", expected_len, actual_len); } else if (memcmp(actual, expected, expected_len)){ @@ -105,12 +110,105 @@ testcase_cleanup: return rc; } +/** Tests messge digest with variable data size. **/ +CK_RV do_Digest2(struct digest_test_suite_info *tsuite, size_t datasize) +{ + + int i, j; + CK_BYTE *data; + CK_ULONG data_len; + CK_BYTE actual[MAX_HASH_SIZE]; + CK_ULONG actual_len; + CK_MECHANISM mech; + + CK_SESSION_HANDLE session; + CK_SLOT_ID slot_id = SLOT_ID; + CK_ULONG flags; + CK_RV rc; + + // begin test suite + testsuite_begin("%s Digest with %u bytes", tsuite->name, (unsigned)datasize); + testcase_rw_session(); + + // allocate buffers + if (datasize < MIN_DATA_SIZE) datasize = MIN_DATA_SIZE; + data = (CK_BYTE*) malloc(datasize); + if (!data) { + fprintf(stderr, "Memory Allocation Error, aborting test run !!!\n"); + exit(1); + } + + // skip test if mech is not supported with this slot + if (! mech_supported(slot_id, tsuite->mech.mechanism)){ + testsuite_skip(tsuite->tvcount, + "mechanism %s is not supported with slot %ld", + tsuite->name, slot_id); + goto testcase_cleanup; + } + + // iterate over test vectors + for(i = 0; i < tsuite->tvcount; i++){ + + /** begin test **/ + testcase_begin("Starting %s Digest with test vector %d.", + tsuite->name, i); + + rc = CKR_OK; // set rc + + // clear buffers + memset(actual, 0, sizeof(actual)); + + // set up data buffer + data_len = datasize; + for (j=0; j < data_len; j++) + data[i] = (CK_BYTE) j; + + // get mech + mech = tsuite->mech; + + // initialize single digest + rc = funcs->C_DigestInit(session, &mech); + if (rc != CKR_OK) { + testcase_error("C_DigestInit rc=%s", p11_get_ckr(rc)); + goto testcase_cleanup; + } + + actual_len = sizeof(actual); // set digest buffer size + + // do single digest + rc = funcs->C_Digest(session, data, data_len, actual, &actual_len); + if (rc != CKR_OK) { + testcase_error("C_Digest rc=%s", p11_get_ckr(rc)); + goto testcase_cleanup; + } + + // if hash was sucessful generated that's all we expect here + if (actual_len != tsuite->tv[i].hash_len) { + testcase_fail("hashed data length does not match test vector's" + " hashed data length.\nexpected length=%ld, found " + "length=%ld.", + tsuite->tv[i].hash_len, actual_len); + } else { + testcase_pass("%s Digest with test vector %d and %u bytes of data passed.", + tsuite->name, i, (unsigned)datasize); + } + } + +testcase_cleanup: + rc = funcs->C_CloseAllSessions(slot_id); + if (rc != CKR_OK) { + testcase_error("C_CloseAllSessions rc=%s", p11_get_ckr(rc)); + } + free(data); + return rc; +} + /** Tests multipart message digest with published test vectors. **/ CK_RV do_DigestUpdate(struct digest_test_suite_info *tsuite) { int i; CK_BYTE data[MAX_DATA_SIZE]; - CK_ULONG data_len; + CK_ULONG data_len, data_done; CK_BYTE actual[MAX_HASH_SIZE]; CK_ULONG actual_len; CK_BYTE expected[MAX_HASH_SIZE]; @@ -118,9 +216,9 @@ CK_RV do_DigestUpdate(struct digest_test_suite_info *tsuite) CK_MECHANISM mech; CK_SESSION_HANDLE session; - CK_SLOT_ID slot_id = SLOT_ID; + CK_SLOT_ID slot_id = SLOT_ID; CK_ULONG flags; - CK_RV rc; + CK_RV rc; /** begin test **/ testsuite_begin("Starting %s Multipart Digest.", tsuite->name); @@ -149,6 +247,7 @@ CK_RV do_DigestUpdate(struct digest_test_suite_info *tsuite) memset(expected, 0, sizeof(expected)); /** get test vector info **/ + data_done = 0; data_len = tsuite->tv[i].data_len; expected_len = tsuite->tv[i].hash_len; memcpy(data, tsuite->tv[i].data, data_len); @@ -167,13 +266,16 @@ CK_RV do_DigestUpdate(struct digest_test_suite_info *tsuite) actual_len = sizeof(actual); /** do multipart digest **/ - if (data_len > 0) { - rc = funcs->C_DigestUpdate(session, &data[0], data_len); + while (data_done < data_len) { + CK_ULONG len = data_len - data_done; + if (len >= DIGEST_UPDATE_JUNK_SIZE) + len = DIGEST_UPDATE_JUNK_SIZE; + rc = funcs->C_DigestUpdate(session, data + data_done, len); if (rc != CKR_OK) { - testcase_error("C_DigestUpdate rc=%s", - p11_get_ckr(rc)); + testcase_error("C_DigestUpdate rc=%s", p11_get_ckr(rc)); goto testcase_cleanup; } + data_done += len; } /** finalize multipart digest **/ @@ -211,6 +313,112 @@ testcase_cleanup: return rc; } +/** Tests multipart message digest with variable data size. **/ +CK_RV do_DigestUpdate2(struct digest_test_suite_info *tsuite, size_t datasize) +{ + int i, j; + CK_BYTE *data; + CK_ULONG data_len, data_done; + CK_BYTE actual[MAX_HASH_SIZE]; + CK_ULONG actual_len; + CK_MECHANISM mech; + + CK_SESSION_HANDLE session; + CK_SLOT_ID slot_id = SLOT_ID; + CK_ULONG flags; + CK_RV rc; + + // begin test + testsuite_begin("Starting %s Multipart Digest with %u bytes", + tsuite->name, (unsigned)datasize); + testcase_rw_session(); + + // allocate buffers + if (datasize < MIN_DATA_SIZE) datasize = MIN_DATA_SIZE; + data = (CK_BYTE*) malloc(datasize); + if (!data) { + fprintf(stderr, "Memory Allocation Error, aborting test run !!!\n"); + exit(1); + } + + // skip test if mech is not supported with this slot + if (! mech_supported(slot_id, tsuite->mech.mechanism)){ + testsuite_skip(tsuite->tvcount, + "mechanism %s is not supported with slot %ld", + tsuite->name, slot_id); + goto testcase_cleanup; + } + + // iterate over test vectors + for(i = 0; i < tsuite->tvcount; i++){ + + // begin test + testcase_begin("Starting %s Multipart Digest with test vector %d.", + tsuite->name, i); + + rc = CKR_OK; // set rc + + // clear buffers + memset(actual, 0, sizeof(actual)); + + // set up data buffer + data_done = 0; + data_len = datasize; + for (j=0; j < data_len; j++) + data[i] = (CK_BYTE) j; + + // get mechanism + mech = tsuite->mech; + + // initialize multipart digest + rc = funcs->C_DigestInit(session, &mech); + if (rc != CKR_OK) { + testcase_error("C_DigestInit rc=%s", p11_get_ckr(rc)); + goto testcase_cleanup; + } + + actual_len = sizeof(actual); + + // do multipart digest + while (data_done < data_len) { + CK_ULONG len = data_len - data_done; + if (len >= DIGEST_UPDATE_JUNK_SIZE) + len = DIGEST_UPDATE_JUNK_SIZE; + rc = funcs->C_DigestUpdate(session, data + data_done, len); + if (rc != CKR_OK) { + testcase_error("C_DigestUpdate rc=%s", p11_get_ckr(rc)); + goto testcase_cleanup; + } + data_done += len; + } + + // finalize multipart digest + rc = funcs->C_DigestFinal(session, actual, &actual_len); + if (rc != CKR_OK) { + testcase_error("C_DigestFinal rc=%s", p11_get_ckr(rc)); + goto testcase_cleanup; + } + + // if hash was sucessful generated that's all we expect here + if (actual_len != tsuite->tv[i].hash_len) { + testcase_fail("hashed multipart data length does not " + "match test vector's hashed data length.\n"); + } else { + testcase_pass("%s Multipart Digest with test vector " + "%d and %u bytes of data passed.", + tsuite->name, i, (unsigned)datasize); + } + } + +testcase_cleanup: + rc = funcs->C_CloseAllSessions(slot_id); + if (rc != CKR_OK) { + testcase_error("C_CloseAllSessions rc=%s", p11_get_ckr(rc)); + } + free(data); + return rc; +} + /** Tests signature verification with published test vectors. **/ CK_RV do_SignVerify_HMAC(struct HMAC_TEST_SUITE_INFO *tsuite){ @@ -258,7 +466,7 @@ CK_RV do_SignVerify_HMAC(struct HMAC_TEST_SUITE_INFO *tsuite){ /** get mechanism **/ mech = tsuite->mech; - + /* for ep11, check if key len is supported */ key_len = tsuite->tv[i].key_len; @@ -416,7 +624,7 @@ CK_RV do_SignVerify_HMAC_Update(struct HMAC_TEST_SUITE_INFO *tsuite) /** get mechanism **/ mech = tsuite->mech; - + /* for ep11, check if key len is supported */ key_len = tsuite->tv[i].key_len; @@ -461,20 +669,20 @@ CK_RV do_SignVerify_HMAC_Update(struct HMAC_TEST_SUITE_INFO *tsuite) len1 = 0; len2 = 0; /* do in 2 parts */ - if (data_len < 20) + if (data_len < 20) len1 = data_len; else { len1 = data_len - 20; len2 = 20; } - + rc = funcs->C_SignUpdate(session, data, len1); if (rc != CKR_OK) { testcase_error("C_SignUpdate rc=%s", p11_get_ckr(rc)); goto error; } - + if (len2) { rc = funcs->C_SignUpdate(session, data + len1, len2); @@ -516,7 +724,7 @@ CK_RV do_SignVerify_HMAC_Update(struct HMAC_TEST_SUITE_INFO *tsuite) goto error; } } - } + } rc = funcs->C_VerifyFinal(session, actual, actual_len); if (rc != CKR_OK) { testcase_error("C_VerifyFinal rc=%s", p11_get_ckr(rc)); @@ -566,6 +774,11 @@ CK_RV digest_funcs() { CK_RV rc; int i; + // set default data size for variable data tests + // if no value is given on the command line + if (data_size == 0) + data_size = BIG_REQUEST; + /** Digest tests **/ for (i = 0; i < NUM_DIGEST_TEST_SUITES; i++){ rc = do_Digest(&digest_test_suites[i]); @@ -574,6 +787,14 @@ CK_RV digest_funcs() { } } + /** Digest tests with variable data size **/ + for (i = 0; i < NUM_DIGEST_TEST_SUITES; i++){ + rc = do_Digest2(&digest_test_suites[i], data_size); + if (rc && !no_stop) { + return rc; + } + } + /** Multipart Digest tests **/ for (i = 0; i < NUM_DIGEST_TEST_SUITES; i++){ rc = do_DigestUpdate(&digest_test_suites[i]); @@ -581,6 +802,15 @@ CK_RV digest_funcs() { return rc; } } + + /** Multipart Digest tests with variable data data size **/ + for (i = 0; i < NUM_DIGEST_TEST_SUITES; i++){ + rc = do_DigestUpdate2(&digest_test_suites[i], data_size); + if (rc && !no_stop) { + return rc; + } + } + /** HMAC tests **/ for(i = 0; i < NUM_OF_HMAC_TEST_SUITES; i++){ rc = do_SignVerify_HMAC(&hmac_test_suites[i]); @@ -601,7 +831,7 @@ CK_RV digest_funcs() { } } } - + return rc; } -- 1.7.9.5 ------------------------------------------------------------------------------ Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
